By REBECCA RUTHERFORD
Los Alamos
Cyber-criminals just keep pivoting and finding new ways to hit users with info-stealing malware and other threats, this time using seemingly legitimate mobile apps. On Monday the FBI released a warning urging users to use caution with any mobile apps they download, particularly “beta” versions of apps.
What is a beta version of an app? Beta testing is when you give a finished, or close to finished, software product to a small group of users to act as testers. In the case of mobile apps, they may be circulated for user feedback prior to going into the Google Play or Apple app stores.
What does it mean, security-wise, if you download an app from a third party rather than from Google or Apple? It means you are missing out on the security protections generally offered by going through the official channels. These apps can contain malicious code designed to steal personal information, gain access to a user’s financial accounts or enable device takeover, the FBI warned.
“Cyber criminals often use phishing or romance scams to establish communications with the victim, then direct the victim to download a mobile beta-testing app housed within a mobile beta-testing app environment, promising incentives such as large financial payouts,” the FBI said in Monday’s bulletin. “The apps may appear legitimate by using names, images, or descriptions similar to popular apps.”
A common scenario for this type of scam involves cyber criminals making initial contact with victims through dating or other networking apps. The crooks build rapport with their victims, and then get them to download a “beta” version of an app, typically one masquerading as a cryptocurrency trading platform.
This kind of scam is typically known as “pig butchering”. What is “pig butchering”? Pig butchering is a type of fraud in which criminals lure victims into digital relationships to build trust before convincing them to invest in cryptocurrency platforms. Unbeknownst to victims, the crooks control the platforms and will eventually take the money and vanish.
Security firm Sophos has been observing this technique in the wild since 2021 and calls it “CryptoRom” trading. According to their researchers, scammers are beginning to incorporate generative AI into their attacks: “Use of a generative AI tool could not only make the conversations more convincing but also reduce the workload on scammers interacting with multiple victims.”
In addition to releasing apps outside the official channels, Sophos researchers have noticed scammers having better luck releasing their malicious apps into the official Apple and Google app stores, reducing their reliance on “beta” apps. The apps were able to pass Apple and Google’s security reviews, and get published in the stores, by modifying remote code they relied upon. By making the apps available in the app stores, the crooks have eliminated the social engineering aspect of this scam, making it that much easier to steal your money.
In their announcement Monday, the FBI said there were several signs users should look out for that indicated an app may be malicious. These included: slowing down the device or draining the battery when used, requesting access permissions to functions unrelated to its advertised purpose, and displaying pop-ups that looked like ads, system warnings or reminders.
Always check customer reviews of apps and developers before downloading anything, and don’t use unverified apps as investment tools, the bureau said. Basically, just approach any cryptocurrency app with caution, because it is a lot more likely than a regular app to be a money- and info-stealing scam. Be cautious, do your research before you get that new app, and don’t get scammed!
Editor’s note: Rebecca Rutherford works in information technology at Los Alamos National Laboratory.